CSIRT Analyst (CSIRT Senior Incident Response Engineer) : 20-01354
Ref No.: 20-01354
Category: Networking ,Systems, Security & DevOps Engineering
Location: San Jose, California
Primary Skills: Incident detection and response, malware analysis, digital forensics.
Duration: 6 Months
Contract Type: W2 Only

Qualifications:
Client is seeking a CSIRT IR Engineer to join our highly visible Cyber Security Incident Response Team that provides Security Operations Center (SOC) support, cyber analysis, scripting and automation, and a 24x7x365 support staff. This specific position requires the ability to work Swing and/or Graveyard shifts with rotations into Day shift.
Working within the client's Computer Security Incident Response Team (CSIRT) you will have the opportunity to build innovative solutions to identify and mitigate information-security threats. You will work collaboratively to creatively solve complex security problems in a heterogeneous environment. With your contributions, we're building the best security incident response team in the industry. Your skills, vision, tenacity, and passion will help us defend and respond daily to keep the client's critical information assets away from threats and hackers.
Candidates must have extensive experience working with various security methodologies and processes, advanced knowledge of TCP/IP protocols, and extensive experience providing analysis and trending of security log data from a large number of heterogeneous security devices.

Must demonstrate expert knowledge in Incident Response and one or more of the following areas:
Threat Hunting, Digital Forensics, Monitoring and Detection, Cyber Intelligence Analysis, Data Loss Prevention
Core Job Functions Include:
  • Investigations - Investigating computer and information security incidents to determine the extent of compromise to information and automated information systems; must be familiar with notable event triage, host forensics, and network analysis.
  • Escalations - Responding to escalated notable events from security tooling to develop/execute security controls, defenses/countermeasures to prevent internal or external attacks or attempts to infiltrate company email, data, e-commerce and web-based systems.
  • Research - Researching attempted or successful efforts to compromise systems security and designing countermeasures. Staying educated on the latest trends, techniques, tactics and procedures.
  • Communications - Providing information and updates to shift leads, creating pass-downs for the next shift, working closely with supporting teams, providing feedback for new security policy and standards, and engaging with other teams.
  • Digital Forensics - As it relates to information systems, performing HR investigations and legal holds in a forensically sound manner. Consulting with HR and legal subject matter experts to adhere to local country laws.
  • Coverage - Must be willing and able to perform shift work, weekends, and holidays, as well as participate in a rotating shift consisting of four (4) 10-hour shifts with four days on, three (3) days off, and rotations across Day, Swing, and Graveyard shifts as needed.
To be successful in this position, you should be proficient with:
  • Incident Response - Getting people to do the right thing in the middle of an investigation.
  • Offensive Techniques - Penetration testing, IOCs, and exploits at all layers of the stack. Need to be very familiar with real-world scenarios and current attacker behavior.
  • Logs - You should be very comfortable with a SIEM to be able to gather and analyze logs to recreate incidents and hunt for threats. Should have experience developing and tuning detection logic.
  • System Forensics - Understanding of image acquisition techniques, memory forensics, and host forensics.
  • Networking Fundamentals - TCP/IP protocols and associated analysis tools, e.g. Wireshark/tcpdump.
  • Scripting - Should be familiar with scripting in at least one of the following: Bash, Python, Perl or a similar language.
  • Risk Analysis - Taking an event in a particular environment and understanding the practical associated risk is a critical part of our jobs.
  • Automation - Creating and/or modifying scripts to automate repetitive and mundane tasks, freeing up time to focus on advanced investigations and other projects.
  • Enterprise Security - Should be familiar with enterprise security issues, working at scale.
Required Qualifications:

Minimum five (5) years of professional experience in incident detection and response, malware analysis, digital forensics.

At eBay, your work makes a difference. We believe that we can build a better form of commerce that is enabled by people, supported by technology, and open to everyone creating more opportunity for all.

To follow up with any questions, please contact Pallavi at 408-816-2464

Akraya is an award-winning IT staffing firm and the staffing partner of choice for many leading companies across the US. We offer comprehensive benefits including Health Insurance (medical, dental, and vision), Cafeteria Plan (HSA, FSA, and dependent care), 401(k) (enrollment subject to eligibility), and Sick Pay (varies based on city and state laws).

If this position is not quite what you're looking for, visit akraya.com and submit a copy of your resume. We will get to work finding you a job that is a better fit at one of our many amazing clients.

Akraya is committed to equal treatment and opportunity in all aspects of recruitment, selection, and employment without regard to gender, race, religion, national origin, ethnicity, disability, gender identity/expression, sexual orientation, veteran or military status, or any other category protected under the law. Akraya is an equal opportunity employer, committed to a community of inclusion and an environment free from discrimination, harassment, and retaliation.